package com.sz.app.oss.api.system;

import com.sz.app.oss.constants.MessagesCodes;
import com.sz.app.oss.constants.Permissions;
import com.sz.biz.app.web.BaseController;
import com.sz.common.base.dto.ResultDto;
import com.sz.common.base.exception.BizException;
import com.sz.common.core.system.dto.MenuPermissionDto;
import com.sz.common.core.system.service.AuthorizationService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * Function: 授权controller <br>
 * Author: hpeng.wang <br>
 * Date: 2016-11-10 11:09:00
 */
@RestController
@RequestMapping("${api}/sys/auth")
@Api(description = " ", tags = "006、授权操作")
public class AuthorizationController extends BaseController {
    @Autowired
    private AuthorizationService service;

    /**
     * 给菜单&资源授权
     *
     * @param roleId  角色id
     * @param menuIds 菜单id集合
     * @return 操作结果
     * @throws BizException
     */
    @RequestMapping(value = "menu/{roleId}", method = {RequestMethod.POST})
    @ApiOperation(value = "角色菜单&资源授权", notes = "给某个角色进行菜单&资源授权<br>权限：" + Permissions.SYS_MGT_ROLE)
    @RequiresPermissions(Permissions.SYS_MGT_ROLE)
    public ResultDto saveMenuAuth(@PathVariable Integer roleId, @RequestBody List<Integer> menuIds) throws
            BizException {
        service.saveAuth(menuIds, roleId);
        ResultDto resultDto = getOperateSuccessDto(MessagesCodes.SUCCESS_AUTH_ROLE_SAVE_MESSAGE);
        return resultDto;
    }

    @RequestMapping(value = "menuandpermission/{roleId}", method = RequestMethod.POST)
    @ApiOperation(value = "角色菜单&资源授权", notes = "给某个角色进行菜单&资源授权<br>权限：" + Permissions.SYS_MGT_ROLE)
    @RequiresPermissions(Permissions.SYS_MGT_ROLE)
    public ResultDto saveMenuAndPermissionAuth(@PathVariable Integer roleId, @RequestBody List<MenuPermissionDto> menuPermissionDtos) {
        if (menuPermissionDtos != null) {
            service.saveMenuAndPermissionAuth(menuPermissionDtos, roleId);
        }
        ResultDto resultDto = getOperateSuccessDto(MessagesCodes.SUCCESS_AUTH_ROLE_SAVE_MESSAGE);
        return resultDto;
    }

}
